There’s an entry over on referenced by The Post Money Value implying that recent security issues make Firefox the security equivalent of IE. All it takes is 5 minutes of browsing with both to show you that even on the base level, this is not the case. Will there be security holes found? Sure, no software is perfect, and there are a lot of clever people out there that know how to find holes in it. Redesigning the internet won’t fix it, as this will always be a problem where interconnected computers are involved.
There are tons of ways to run things securely over the internet — part of the problem is that it’s too inconvenient. Take encrypted email, for example. A lot of people send sensitive information over email, not realizing that it’s the digital equivalent of a postcard. Anyone along the way can read it. I was asked by a professor this January to email my social security number to him. I of course did no such thing. I brought it to his office on a post-it note, about which he complained. If he had been able to accept encrypted email, I would have sent it to him.
We’re talking about a guy that teaches Networking and also Operating Systems. I have a final exam today in the latter. Even still, for whatever reason, PGP encrypted email is too complicated or (more likely) too much of a hassle for him to use on a regular basis. There’s the further problem that one has to have people with encryption set up to send to, or it’s pointless. I have my computers set up for encrypted mail, but there’s noone to exchange it with. Part of the reason that this is the case is that it’s complicated.
In order for something to become a global phenomenon, like email, it’s necessary to make it easy for most of the population to use. This means that rather dumb and lazy people must be able to use it. Therefore, it must be easy and simple to use.
No matter how much software is re-engineered there are still these problems. Security is complicated, and people don’t like complication. I can tell you that by not being tied into the operating system, Firefox already has a leg-up on IE. This is not to mention all of the additional features and plugins available on Firefox.
Some of us are living in a world where spyware, viruses, and scams using holes in our browsers plague our computers and sap our time as we try to root them out. Others use programs and operating systems wherein this is less of a concern, where we can just use our computers. Seems kind of silly to spend all that time and money on antivirus and antispam software, when it’s really not necessary. Regardless of metrics on time to patch, I can tell you that comparatively, Firefox falls into the latter category, while IE falls into the first.
I wouldn’t even begin to know how to encrypt an email, or how to receive one that is encrypted.
Alex: it took me a lot of time and a good bit of effort to get it figured out, but then there’s nobody to send it to.